Description

Overview

Microsoft Server Message Block (SMB) may crash upon receipt of a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum3 transaction. Attackers can use this vulnerability to cause a denial of service.

Description

SMB is a protocol for sharing data and resources between computers, included in many versions of Microsoft Windows.

SMB may crash if it receives a crafted SMB_COM_TRANSACTION packet requesting a NetServerEnum2 transaction. If either the 'Max Param Count' field or 'Max Data Count' field of the packet is set to zero (0), the destination SMB host will crash with a blue screen. This vulnerability can be exploited by both local and remote attackers.

Impact

Remote attackers can cause a denial of service. Attackers may also be able to execute arbitrary code, though this has not been demonstrated or proven.

Other Information

All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2018